<?php if (SET != 1) die(); ?>

<h1>Benutzer hinzufügen</h1>

<?php

	function show_useradd() {
		
		global $_POST;
		
		echo '
		
			<form action="index.php?m=users&f=add" method="post">
			
				<table class="noborder">
				
					<tr>
						<th>Benutzername:</th>
						<td><input type="text" name="username" value="'.((isset($_POST['username'])?$_POST['username']:"")).'" /></td>
					</tr>
					
					<tr>
						<th>Vorname:</th>
						<td><input type="text" name="forename" value="'.((isset($_POST['forename'])?$_POST['forename']:"")).'" /></td>
					</tr>
					
					<tr>
						<th>Nachname:</th>
						<td><input type="text" name="name" value="'.((isset($_POST['name'])?$_POST['name']:"")).'" /></td>
					</tr>
					
					<tr>
						<th>Passwort:</th>
						<td><input type="text" name="password" value="'.((isset($_POST['password'])?$_POST['password']:"")).'" /></td>
					</tr>
					
					<tr>
						<th>Geb.-Datum:</th>
						<td>
							<input type="text" name="dob_day" value="'.((isset($_POST['dob_day'])?$_POST['dob_day']:"")).'" size="2" />.
							<input type="text" name="dob_month" value="'.((isset($_POST['dob_month'])?$_POST['dob_month']:"")).'" size="2" />.
							<input type="text" name="dob_year" value="'.((isset($_POST['dob_year'])?$_POST['dob_year']:"")).'" size="4" />
							<i>(TT/MM/JJJJ)</i>
						</td>
					</tr>
					
					<tr>
						<th>E-Mail:</th>
						<td><input type="text" name="email" value="'.((isset($_POST['email'])?$_POST['email']:"")).'" /></td>
					</tr>
					
					<tr>
						<th></th>
						<td><input type="submit" value="Benutzer anlegen" /></td>
					</tr>
				
				</table>
			
			</form>
		
		';
		
	}
	
	
	if (isset($_POST['username'])) {

		/* add new user */
		
		if (file_exists(config("root")."data/users.xml")) {

			$xmlObj = simplexml_load_file(config("root")."data/users.xml");

			$usersObj = $xmlObj->xpath("user/username[text()='".$_POST['username']."']/..");
			
			//check if username is available
			
			if ($usersObj) {
				error("Der Benutzername ist bereits vergeben");
				show_useradd();
			} else {
				
				//add user
				
				$newId = 0;
				
				$idsObj = $xmlObj->xpath("user");
				
				if ($idsObj) {
					
					foreach ($idsObj as $idObj) {
						
						if ($idObj->id > $newId) {
							$newId = (int) $idObj->id;
						}
						
					}
					
				}
				
				$newId++;
				
				$newXmlString = '
					<user>
						<id>'.$newId.'</id>
						<regcode></regcode>
						<username>'.xmlencode(strtolower($_POST['username'])).'</username>
						<password>'.xmlencode($_POST['password']).'</password>
						<forename>'.xmlencode($_POST['forename']).'</forename>
						<name>'.xmlencode($_POST['name']).'</name>
						<dateofbirth>'.xmlencode($_POST['dob_year']).'-'.xmlencode($_POST['dob_month']).'-'.xmlencode($_POST['dob_day']).'</dateofbirth>
						<email>'.xmlencode($_POST['email']).'</email>
						<regdate>'.time().'</regdate>
						<position>Sonstige</position>
						<active>1</active>
						<locked>0</locked>
					</user>
				';
				
				$usersXmlString = file_get_contents(config("root")."data/users.xml");
				
				$usersXmlString = substr($usersXmlString, 0, strpos($usersXmlString, "<users>")+7).$newXmlString.substr($usersXmlString, strpos($usersXmlString, "<users>")+7);
				
				$save = file_put_contents(config("root")."data/users.xml", $usersXmlString);
				
				if ($save) {
					echo '
						<p class="success">Der Benutzer wurde hinzugefügt.</p>
						<meta http-equiv="refresh" content="1; url=index.php?m=users&f=users" />
					';
				} else {
					error("Fehler beim Speichern der XML-Datei");
					show_useradd();
				}
				
			}
		
		} else error("Benutzerliste nicht gefunden");
		
		
	} else {
		show_useradd();
	}
	
	
	
	
?>
	